INTERNATIONAL PRELIMINARY EXAMINATION REPORT

International application No.
PCT/SE99/00516

V. Reasoned statement under Article 35(2) with regard to novelty, inventive step or industrial applicability;
citations and explanations supporting such statement

1. Statement

Novelty (N)                      Claims 1-44   YES
                                 Claims        NO

Inventive step (IS)              Claims        YES
                                 Claims 1-44   NO

Industrial applicability (IA)    Claims 1-44   YES
                                 Claims        NO

2. Citations and explanations

The invention relates to a telecommunications system employing
electronic security badges to provide temporary access to a
computer system protected by firewalls. The object of the
invention is to solve the problem of providing flexible,
user-friendly access without compromising security.

According to the invention the badge establishes a reliable
contact from which only trustworthy instructions will emanate,
i.e. the instructions will only come from an approved and
security cleared visitor. Initial contact between a visitor
and the host, i.e. an individual responsible for operation of
the host computer, is established via a telephone conversation
over the PSTN. Visitor and host agree on a password, or code
word. The code is added, possibly in encrypted form, to the
source code of an electronic badge. The electronic badge may
be a Java applet, which is compiled and placed on a web server
protected by the password. When downloaded onto a visitor's
computer, the electronic badge mediates communication between
the visitor's computer and a protected host computer.

Documents cited in the international search report:

[D1] WO 9716911 A1

[D2] Andrew S. Tanenbaum, Computer Networks, Third edition,
1996, Prentice-Hall Inc., Upper Saddle River, New Jersey.

D1 relates to a method of directing an internal computer
system that involves authenticating a connection initiated by
the internal computer system to an external computer system.
The external computer system calls a transaction request
received by the external computer system.
An original process environment, containing process
environment variables, is created in response to the request.
A string is then formed which comprises the transaction
request and the process environment variables for executing
the transaction request. The string is then transmitted by the
external system to the internal system, through the
authenticated connection. The transaction request is verified
by the internal system. The original process environment is
then recreated by the internal system and the transaction
request is executed (see abstract; page 1, line 13 to page 2, line
40; page 4, line 37 to page 6, line 58 and claims 1-10).

The invention according to claims 1, 16 and 32 differs from D1
by describing measures that are considered obvious to a person
skilled in the art. It is mentioned in D1 that the method
directs an internal computer system to allow an external
computer system to initiate a transaction request using
internal resources without violating a security firewall
between the systems. Additionally, it is mentioned that the
method includes authenticating a connection initiated by
the internal computer system between the internal computer
system and the external computer system, thereby establishing
an authenticated connection.

The invention according to dependent claims 2-4, 17-19 and 33-
35 includes only steps that are common and thereby considered
obvious to a person skilled in the art. It is a common
procedure in most local networks to include a protection
firewall, or to include the admission and application
computer on a single data processing machine. Letting a
firewall control the communication is the main purpose of
using a firewall.

The invention according to dependent claims 5-7, 13, 20-22 and
36-38 differs from D1 only by steps that are obvious to a
person skilled in the art when D2 is taken into consideration.
It is mentioned in D2 that the idea of Java "applets", as
smaller application programs, is that they are downloaded from
the Internet and executed in a safe way. It is in the
"definition" of the "applet" that it is not able to read or
write files that the program has no authorisation to (see D2,
pages 706-709). Thus, to implement such functions into the
system described in D1 is obvious.
The invention according to dependent claims 8-12, 14, 15, 23-
27, 31 and 39-44 describes only measures that are considered
obvious to a person skilled in the art. It is not considered
to include an inventive step to connect a panel to a web
server, and to include a database of access rules, or to make
the connections as claimed for. It is mentioned in D1 that
condition data is buffered and that the system includes both
internal and external databases. Password protection means for
said web server are a must in most web servers, and are mentioned
in D1.

It is also obvious to a person skilled in the art to create a
panel for controlling the electronic visitor's badge.

The invention according to dependent claims 24 and 28-30 
includes only steps that are considered obvious to a person 
skilled in the art. 

To summarise: 

With reference to D1 and D2, the invention according to claims
1-44 is considered not to include an inventive step.


Form PCT/IPEA/409 (Supplemental Box) (January 1994)


PATENT COOPERATION TREATY

PCT/SE99/00516

From the INTERNATIONAL BUREAU

PCT

NOTIFICATION CONCERNING SUBMISSION OR TRANSMITTAL OF PRIORITY DOCUMENT

(PCT Administrative Instructions, Section 411)

To:
PRAGSTEN, Rolf
Telia Research AB
Corporate Patent Dept.
Vitsandsgatan 9
S-123 86 Farsta
SUEDE

Date of mailing (day/month/year): 03 June 1999 (03.06.99)

Applicant's or agent's file reference: Case 667 PCT

IMPORTANT NOTIFICATION

International application No.: PCT/SE99/00516
International filing date (day/month/year): 30 March 1999 (30.03.99)
International publication date (day/month/year): Not yet published
Priority date (day/month/year): 01 April 1998 (01.04.98)
Applicant: TELIA AB (publ) et al


1. The applicant is hereby notified of the date of receipt (except where the letters "NR" appear in the right-hand column) by the
International Bureau of the priority document(s) relating to the earlier application(s) indicated below. Unless otherwise
indicated by an asterisk appearing next to a date of receipt or by the letters "NR", in the right-hand column, the priority
document concerned was submitted or transmitted to the International Bureau in compliance with Rule 17.1(a) or (b).

2. This updates and replaces any previously issued notification concerning submission or transmittal of priority documents.

3. An asterisk (*) appearing next to a date of receipt, in the right-hand column, denotes a priority document submitted
or transmitted to the International Bureau but not in compliance with Rule 17.1(a) or (b). In such a case, the attention
of the applicant is directed to Rule 17.1(c) which provides that no designated Office may disregard the priority claim
concerned before giving the applicant an opportunity, upon entry into the national phase, to furnish the priority document
within a time limit which is reasonable under the circumstances.

4. The letters "NR" appearing in the right-hand column denote a priority document which was not received by the International
Bureau or which the applicant did not request the receiving Office to prepare and transmit to the International Bureau,
as provided by Rule 17.1(a) or (b), respectively. In such a case, the attention of the applicant is directed to Rule 17.1(c) which
provides that no designated Office may disregard the priority claim concerned before giving the applicant an opportunity,
upon entry into the national phase, to furnish the priority document within a time limit which is reasonable under the
circumstances.


Priority date               Priority application No.   Country or regional Office    Date of receipt
                                                       or PCT receiving Office       of priority document
01 April 1998 (01.04.98)    9801151-3                  SE                            18 May 1999 (18.05.99)


The International Bureau of WIPO
34, chemin des Colombettes
1211 Geneva 20, Switzerland
Facsimile No. (41-22) 740.14.35

Authorized officer
Athina Nickitas-Etienne
Telephone No. (41-22) 338.83.38

Form PCT/IB/304 (July 1998)


PATENT COOPERATION TREATY

WO 99/51003
PCT/SE99/00516

From the INTERNATIONAL BUREAU

PCT

NOTICE INFORMING THE APPLICANT OF THE COMMUNICATION OF THE INTERNATIONAL APPLICATION TO THE DESIGNATED OFFICES

(PCT Rule 47.1(c), first sentence)

To:
PRAGSTEN, Rolf
Telia Research AB
Corporate Patent Dept.
Vitsandsgatan 9
S-123 86 Farsta
SUEDE

Date of mailing (day/month/year): 07 October 1999 (07.10.99)

Applicant's or agent's file reference: Case 667 PCT

IMPORTANT NOTICE

International application No.: PCT/SE99/00516
International filing date (day/month/year): 30 March 1999 (30.03.99)
Priority date (day/month/year): 01 April 1998 (01.04.98)
Applicant: TELIA AB (publ) et al


1. The International Bureau has communicated, as provided in Article 20, the international application
to the following designated Offices on the date indicated above as the date of mailing of this Notice:

EP, US

In accordance with Rule 47.1(c), third sentence, those Offices will accept the present Notice as conclusive evidence that
the communication of the international application has duly taken place on the date of mailing indicated above and no copy
of the international application is required to be furnished by the applicant to the designated Office(s).

2. The following designated Offices have waived the requirement for such a communication at this time: 

EE, LT, LV, NO

The communication will be made to those Offices only upon their request. Furthermore, those Offices do not require the 
applicant to furnish a copy of the international application (Rule 49.1 (a-bis)). 

3. Enclosed with this Notice is a copy of the international application as published by the International Bureau on 
07 October 1999 (07.10.99) under No. WO 99/51003 

REMINDER REGARDING CHAPTER II (Article 31(2)(a) and Rule 54.2) 

If the applicant wishes to postpone entry into the national phase until 30 months (or later in some Offices) from the priority 
date, a demand for international preliminary examination must be filed with the competent International Preliminary 
Examining Authority before the expiration of 19 months from the priority date. 

It is the applicant's sole responsibility to monitor the 19-month time limit.

Note that only an applicant who is a national or resident of a PCT Contracting State which is bound by Chapter II has the 
right to file a demand for international preliminary examination. 

REMINDER REGARDING ENTRY INTO THE NATIONAL PHASE (Article 22 or 39(1)) 

If the applicant wishes to proceed with the international application in the national phase, he must within 20 months 
or 30 months, or later in some Offices, perform the acts referred to therein before each designated or elected Office. 

For further important information on the time limits and acts to be performed for entering the national phase, see the 
Annex to Form PCT/IB/301 (Notification of Receipt of Record Copy) and Volume II of the PCT Applicant's Guide. 


The International Bureau of WIPO
34, chemin des Colombettes
1211 Geneva 20, Switzerland

Facsimile No. (41-22) 740.14.35

Authorized officer
J. Zahra
Telephone No. (41-22) 338.83.38

Form PCT/IB/308 (July 1996)


PATENT COOPERATION TREATY

PCT

INTERNATIONAL PRELIMINARY EXAMINATION REPORT

(PCT Article 36 and Rule 70)

Applicant's or agent's file reference: Case 667 PCT

FOR FURTHER ACTION: See Notification of Transmittal of International Preliminary Examination Report (Form PCT/IPEA/416)

International application No.: PCT/SE99/00516
International filing date (day/month/year): 30.03.1999
Priority date (day/month/year): 01.04.1998

International Patent Classification (IPC) or national classification and IPC 7:
H 04 L 29/06, H 04 L 9/32, G 06 F 1/00

Applicant: Telia AB (publ) et al




This international preliminary examination report has been prepared by this International Preliminary Examining
Authority and is transmitted to the applicant according to Article 36.

This REPORT consists of a total of ____ sheets, including this cover sheet.

□ This report is also accompanied by ANNEXES, i.e., sheets of the description, claims and/or drawings which have
been amended and are the basis for this report and/or sheets containing rectifications made before this Authority
(see Rule 70.16 and Section 607 of the Administrative Instructions under the PCT).

These annexes consist of a total of ____ sheets.

This report contains indications relating to the following items:

I    ☒  Basis of the report
II   □  Priority
III  □  Non-establishment of opinion with regard to novelty, inventive step and industrial applicability
IV   □  Lack of unity of invention
V    ☒  Reasoned statement under Article 35(2) with regard to novelty, inventive step or industrial applicability;
        citations and explanations supporting such statement
VI   □  Certain documents cited
VII  □
VIII □


Date of submission of the demand: 01.11.1999

Date of completion of this report: 29.08.2000

Name and mailing address of the IPEA/SE:
Patent- och registreringsverket
Box 5055
S-102 42 STOCKHOLM

Facsimile No. 08-667 72 88

Authorized officer
Christina Halldin/LR
Telephone No. 08-782 25 00

Form PCT/IPEA/409 (cover sheet)


INTERNATIONAL PRELIMINARY EXAMINATION REPORT

International application No.
PCT/SE99/00516

I. Basis of the report

1. This report has been drawn on the basis of (Replacement sheets which have been furnished to the receiving Office in response to an invitation
under Article 14 are referred to in this report as "originally filed" and are not annexed to the report since they do not contain amendments):

□ the international application as originally filed,

□ the description, pages Nos. ____, as originally filed,
                         Nos. ____, filed with the demand,
                         Nos. ____, filed with the letter of ____

□ the claims, Nos. ____, as originally filed,
              Nos. ____, as amended under Article 19,
              Nos. ____, filed with the demand,
              Nos. ____, filed with the letter of ____

□ the drawings, sheets/fig ____, as originally filed,
                sheets/fig ____, filed with the demand,
                sheets/fig ____, filed with the letter of ____
                sheets/fig ____, filed with the letter of ____
(54) Title: IMPROVEMENTS IN, OR RELATING TO, ELECTRONIC BADGES

(57) Abstract

The present invention makes an electronic visitor's badge available to a person visiting a host computer protected by firewalls,
and solves the problem of providing flexible, user-friendly access without compromising security. The present invention permits
persons located behind an address translating firewall, which only allows HTTP, to obtain controlled access to privileged data
information without compromising data security. The badge establishes a reliable contact from which only trustworthy instructions
will emanate, i.e. the instructions will only come from an approved and security cleared visitor. Initial contact between a visitor
and the host, i.e. an individual responsible for operation of the host computer, is established via a telephone conversation over
the PSTN. Visitor and host agree on a password, or code word. The code is added, possibly in encrypted form, to the source code of
an electronic badge. The electronic badge may be a Java applet which is compiled and placed on a webserver protected by the
password. When downloaded onto a visitor's computer, the electronic badge mediates communication between the visitor's computer
and a protected host computer. The present invention can be used in any situation where individuals wish to work on a common
computer and it is not possible to exchange hardware, but the individuals are able to recognize each other's voices. The invention
facilitates secure control of access to a secure computer facility via exchange of identity badges over the internet.
The present invention relates to a telecommunications system employing
electronic security badges to provide temporary access to a computer system 
protected by firewalls, methods of providing temporary, controlled, access to a 
secure computer system, and an administration computer architecture for use with 
a telecommunications system employing electronic security badges. 

With modern data communications technology, it is frequently desirable to 
give a site visitor access to a secure computer system over electronic transmission 
systems. For example, it may be desirable to hold a conference, or virtual meeting, 
in cyberspace, which is hosted on a secure computer, to which general public 
access is denied for security reasons. In such a meeting, it may be necessary for 
a visitor to run applications software on the host computer. However, the person 
hosting such a meeting may well wish to limit a visitor's access to a certain set of 
the applications available on the host computer. If access to the host computer is 
given to a visitor, this will, to some extent, compromise the security of the host 
computer, unless special steps are taken to protect the host computer. 

Existing systems for providing access to computers protected by firewalls 
are either inflexible and difficult for a visitor to use, or ineffective in terms of 
preserving the security of the home computer. 

The present invention makes an electronic visitor's badge available to a
person visiting a host computer protected by firewalls, and solves the problem of
providing flexible, user-friendly access without compromising security. The present
invention permits persons located behind an address translating firewall, which only
allows HTTP, to obtain controlled access to privileged data information without
compromising data security. The badge establishes a reliable contact from which
only trustworthy instructions will emanate, i.e. the instructions will only come from
an approved and security cleared visitor.




Initial contact between a visitor and the host, i.e. an individual responsible
for operation of the host computer, is established via a telephone conversation over
the PSTN. Visitor and host agree on a password, or code word. The code is 
added, possibly in encrypted form, to the source code of an electronic badge. The 
electronic badge may be a Java applet which is compiled and placed on a 
webserver protected by the password. When this "applet" is run via port 80, i.e. the 
port used for communication through a firewall, the code in the control server is 
correlated to the code presented by the badge, in other words, it does not matter 
that the firewall between visitor and host has changed the IP address. 

The present invention can be used in any situation where individuals wish
to work on a common computer and it is not possible to exchange hardware, but
the individuals are able to recognize each other's voices. The invention facilitates
secure control of access to a secure computer facility via exchange of identity
badges over the Internet.

The present invention strengthens the link between three security elements: 

voice recognition; 

knowledge of a password; and 

possession of an electronic badge - i.e. an applet 

and manages a translating/masking firewall, via port 80. 

According to a first aspect of the present invention, there is provided a
telecommunications system adapted to act as a platform for electronic meetings,
comprising a visitor's computer, an administration computer, an application
computer, a firewall protecting said application computer and a transmission path
over the Internet, characterised in that communications between said visitor's
computer and said application computer are mediated by an electronic badge
generated by said administration computer and operating on said visitor's
computer.

Said administration computer and application computer may be realised on
a single data processing machine.

Alternatively, said administration computer and application computer may 
be distinct data processing machines, and communications between said visitor's 
computer and said application computer may be controlled by a firewall located in 
said administration computer. 

Said administration computer may be protected by a firewall. 

Said electronic badge may be an applet containing data identifying a visitor, 
a password, and a list of access rights relating to software applications running on 
said application computer. 

Said list of access rights may permit access to one, or more, software 
applications. 

Said applet may be adapted to run on said visitor's computer and cause 
one, or more, icons to be displayed on a VDU associated with said visitor's 
computer. 

Said administration computer may include a control panel linked to a web 
server adapted to issue electronic badges. 

Said administration computer may include a control server linked to said 
control panel and said web server, and a database of access rules linked to said 
control server. 

Said control server may be linked to a firewall protecting said application 
computer, and said database of access rules may be linked to said firewall 
protecting said application computer. 

Access to said webserver may be controlled by a password protection means.

An electronic visitor's badge may be created from said control panel and
deposited for collection on said webserver. 

Said visitor's computer may download said electronic visitor's badge by 
accessing said web server and giving a password and visitor identification. 

Access rights associated with said visitor's badge may be altered while said 
visitor computer is connected to said application computer. 

Said visitor's badge may be adapted to self destruct on receipt of a signal 
from said control server. 

According to a second aspect to the present invention, there is provided a 
method of establishing access for a visitor's computer to an application computer 
protected by a firewall generated by an administration computer, over the Internet, 
characterised by mediating communications between said visitor's computer and 
said application computer with an electronic badge generated on said administration 
computer and operating on said visitor's computer. 

Said administration computer and said application computer may be realised 
on a single data processing machine. 

Said administration computer and application computer may be realised as 
distinct data processing machines, and communications between said visitor's 
computer and said application computer may be controlled through a firewall 
located in said administration computer. 

Said administration computer may be protected with a firewall. 


Said electronic badge may be an applet containing data identifying a visitor,
a password, and a list of access rights relating to software applications running on
said application computer.

Said list of access rights may permit access to one, or more, software
applications.

Said applet may run on said visitor's computer and cause one, or more, 
icons to be displayed on a VDU associated with said visitor's computer. 

Said administration computer may include a control panel linked to a web 
server adapted to issue electronic badges. 

The method may include the steps of: 

establishing a voice link over the PSTN between a person operating 
said visitor's computer, herein referred to as a visitor, and a person 
operating said administration computer, herein referred to as a host; 

said host establishing that said visitor has clearance to access said 
application computer, and 

assigning and communicating a password to said visitor over said 
voice link. 

Said administration computer may include a control server linked to said 
control panel and said web server, and a database of access rules linked to said 
control server. 

Said control server may be linked to a firewall protecting said application 
computer, and said database of access rules may be linked to said firewall 
protecting said application computer. 

Access to said webserver may be controlled by a password protection means.

Said host may create an electronic visitor's badge by actuation of said
control panel and depositing said electronic visitor's badge, for collection by said
visitor, on said webserver.

Said visitor may access said webserver over the Internet, giving said
password, and downloading said electronic visitor's badge. 

Said method may include the steps of: 

said visitor requesting access, while connected to said application 
computer, to a first software application, not pre-authorised on said 
electronic visitor's badge; 

said control panel giving an alarm condition; 

said host confirming over said voice link that said visitor has 
requested access to said first software application; and 

modifying the access rights associated with said electronic visitor's 
badge via said control panel. 

Said visitor's badge may self destruct on receipt of a signal from said 
control server. 
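As an added illustration (not the applicant's code, nor part of the application), the following Python simulation of the administration computer's control server walks through the method of the second aspect: badge issuance after the voice-link agreement, collection from the password-protected web server, correlation of the code presented by the badge independently of the source address rewritten by the address translating firewall, the alarm condition raised when a visitor requests an application not pre-authorised on the badge, the host's modification of the access rights, and the self-destruct signal. The class and function names, the use of an HMAC tag in place of the "possibly encrypted" code, and the sample session are my assumptions.

```python
import hashlib
import hmac
import secrets
from dataclasses import dataclass, field


@dataclass
class Badge:
    """The electronic visitor's badge: the page's Java applet, simulated as data."""
    visitor_id: str
    code_tag: str                      # derived from the voice-agreed code word
    access_rights: set = field(default_factory=set)
    destroyed: bool = False            # set by the control server's self-destruct signal


class ControlServer:
    """Administration computer: control panel, control server, web server and the
    database of access rules, collapsed into one object for the simulation."""

    def __init__(self):
        self._key = secrets.token_bytes(32)  # server-only key for deriving code tags
        self._rules = {}                     # visitor_id -> {"tag": str, "apps": set}
        self._deposited = {}                 # visitor_id -> Badge waiting on the web server
        self.alarms = []                     # (visitor_id, app) shown on the control panel

    def _tag(self, visitor_id, code_word):
        # Assumption: the code is embedded as an HMAC tag rather than in clear, so
        # inspecting the applet does not reveal the word agreed over the telephone.
        msg = f"{visitor_id}:{code_word}".encode()
        return hmac.new(self._key, msg, hashlib.sha256).hexdigest()

    def issue_badge(self, visitor_id, code_word, apps):
        """Host actuates the control panel after the PSTN call; the badge is
        deposited on the web server for collection."""
        tag = self._tag(visitor_id, code_word)
        self._rules[visitor_id] = {"tag": tag, "apps": set(apps)}
        self._deposited[visitor_id] = Badge(visitor_id, tag, set(apps))

    def download_badge(self, visitor_id, password):
        """Web-server side: the visitor gives identification and the password.
        Returns the badge once, or None if the password does not match."""
        rule = self._rules.get(visitor_id)
        if rule is None:
            return None
        if not hmac.compare_digest(rule["tag"], self._tag(visitor_id, password)):
            return None
        return self._deposited.pop(visitor_id, None)

    def correlate(self, badge, source_ip):
        """Correlate the code presented by the badge with the database entry.
        source_ip is deliberately not consulted: the address translating firewall
        has rewritten it, so the badge's code, not the address, identifies the visitor."""
        rule = self._rules.get(badge.visitor_id)
        if rule is None or badge.destroyed:
            return False
        return hmac.compare_digest(rule["tag"], badge.code_tag)

    def request_app(self, badge, app, source_ip):
        """Visitor asks to run an application; returns 'granted', 'alarm' or 'denied'."""
        if not self.correlate(badge, source_ip):
            return "denied"
        if app in self._rules[badge.visitor_id]["apps"]:
            return "granted"
        self.alarms.append((badge.visitor_id, app))   # not pre-authorised on the badge
        return "alarm"

    def host_confirms(self, badge, app):
        """Host confirmed the request over the voice link and modifies the rights."""
        self._rules[badge.visitor_id]["apps"].add(app)
        badge.access_rights.add(app)
        self.alarms = [a for a in self.alarms if a != (badge.visitor_id, app)]

    def self_destruct(self, badge):
        """Signal from the control server: the badge destroys itself and its rules go."""
        badge.destroyed = True
        badge.access_rights.clear()
        self._rules.pop(badge.visitor_id, None)


def run_session():
    """Constructed walk-through of the method; returns the outcomes in order."""
    srv = ControlServer()
    srv.issue_badge("alice", "blue-heron", {"whiteboard"})   # code word agreed by phone
    results = [srv.download_badge("alice", "wrong-word") is None]  # wrong password
    badge = srv.download_badge("alice", "blue-heron")
    results.append(srv.request_app(badge, "whiteboard", "10.0.0.7"))     # own address
    results.append(srv.request_app(badge, "whiteboard", "203.0.113.9"))  # after NAT
    results.append(srv.request_app(badge, "simulator", "203.0.113.9"))   # not on badge
    srv.host_confirms(badge, "simulator")                     # rights altered live
    results.append(srv.alarms == [])
    results.append(srv.request_app(badge, "simulator", "203.0.113.9"))
    srv.self_destruct(badge)
    results.append(srv.request_app(badge, "whiteboard", "203.0.113.9"))
    return results
```

The session returns [True, "granted", "granted", "alarm", True, "granted", "denied"]: the badge is honoured regardless of the translated address, an unlisted application raises an alarm until the host confirms it, and nothing is honoured after the self-destruct signal.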

According to a third aspect of the present invention, there is provided an 
administration computer, for use with a telecommunications system adapted to act 
as a platform for electronic meetings, said administration computer having a firewall 
protecting an application computer, characterised in that said administration 
computer is adapted to create an electronic badge to mediate communications 
between a visitor's computer and said application computer. 

Said administration computer and application computer may be realised on 
a single data processing machine. 

Said administration computer and application computer may be distinct data 
processing machines. 

Said administration computer may be protected by a firewall. 

Said electronic badge may be an applet containing data identifying a visitor, 
a password, and a list of access rights relating to software applications running on 
said application computer. 

Said list of access rights may permit access to one, or more, software 
applications. 

Said applet may be adapted to run on said visitor's computer and cause 
one, or more, icons to be displayed on a VDU associated with said visitor's 
computer. 

Said administration computer may include a control panel linked to a web 
server adapted to issue electronic badges. 

Said administration computer may include a control server linked to said 
control panel and said web server, and a database of access rules linked to said 
control server. 

Said control server may be linked to a firewall protecting said application 
computer, and said database of access rules may be linked to said firewall 
protecting said application computer. 

Access to said webserver may be controlled by a password protection 
means. 

An electronic visitor's badge may be created from said control panel and 
deposited for collection on said webserver. 

Access rights associated with said visitor's badge may be altered while a 
visitor computer is connected to said application computer. 


Embodiments of the invention will now be described, by way of example, 
with reference to the accompanying drawings, in which: 

Figure 1 illustrates, in schematic form, an overview of a telecommunications 
system, according to the present invention. 

Figure 2 illustrates, in greater detail, the administration computer and 
application computer of Figure 1. 

Figure 3 illustrates, in greater detail, the participator computer of Figure 1. 

The system of the present invention may include seven main components, 
namely: 

a control server, 6, see the accompanying drawings; 
a control panel, 4; 
a visitor's badge, in the form of an applet, 9; 
firewalls, 17, 24 and 7; 
a webserver, 5; 
a PSTN telephone link, 1, 2 and 3; and 
applications software, 13, 14 and 15. 

As illustrated in the accompanying drawings, a telecommunications system 
which supports secure communication between a visitor's, or participator's, 
computer, 8, and application, or host computer, 24, has an administration computer 
19. The participator computer, 8, is linked via a firewall, 17, to the Internet 18, and 
thence through firewall, 24, to the administration computer 19. The administration 
computer, 19, includes a webserver, 5, for issuing visitor's badges in the form of 
Java applets, and is protected by a password recognition unit, 20. The 
administration computer includes a control panel, 4, which may take the form of a 
visual screen based interface, allowing an operator to control the administration 
computer and the issue of electronic badges. Each badge is in the form of an 
applet which, when run on a visitor's computer, such as 8, includes a series of icons 
for a range of applications on the application computer, to which the visitor is given 
access rights by the electronic badge. In the case of the embodiment illustrated in 
the drawings, these applications include applications 13, 14, and 15 which might be 
MS-Netmeeting, Word 6, and Corel Draw 6. 

The administration computer also includes a control server, 6, which controls 
a server, 16, carrying the access rules for the application computer, 34, and the 
firewall, 7, which protects the application computer. Access to the individual 
applications packages 13, 14, and 15, is controlled individually via the firewall, so 
that access may be granted to one, two, or all of applications 13 to 15, depending 
on the access rights granted to a given electronic visitor's badge. Access rights 
associated with an electronic badge may be altered during the course of a meeting, 
or conference, via the control panel and control server, giving true dynamic control. 

In operation, a visitor and host speak to each other over the telephone link 
1, 3, 2. They agree on a password and the access rights the visitor will have. The host 
may identify the visitor by his/her voice, or by exchange of personal information, a 
PIN number, or the like. Once identification has been established to the satisfaction 
of the host, a password is issued orally to the visitor. The host then sets up an 
electronic visitor's badge for the visitor on the webserver 5, including the agreed 
password and the agreed access rights for the visitor. The electronic visitor's 
badge now resides on webserver 5 and awaits collection by the visitor. 

The visitor can now set up a data link over the Internet to control server, 6 
on a channel 24. It should be noted that the different communications channels 24, 
35, 27, 26 and 25 are labelled for easy identification in the drawings and may, in fact, 
represent a single communications link. The visitor is then requested to give her/his 
password, which is authenticated by the password protection unit 20, which, in turn, 
permits the electronic badge to be transmitted to the visitor's computer. On receipt 
by the visitor's computer, the electronic badge, which as previously stated is a 
Java applet, runs on the visitor's computer. The electronic badge causes a number 
of icons to be displayed on the visitor's computer, 10, 11 and 12. By actuating the 
icons, the visitor obtains access via firewall 7, to the applications 13, 14 and 15 
running on the application computer 34. The firewall operates to control the 
applications and data files to which the visitor can obtain access in accordance with 
the password instructions encoded in the electronic visitor's badge and the access 
rules held on server 16, all of which can be controlled via the control server 6, and 
control panel 4. 

Although, as illustrated in the drawings, the administration computer, 19, and 
the application computer, 34, may be distinct data processing machines, it is also 
possible to realise both computers on a single data processing machine. 

Consider the following scenario. 

Two persons, a visitor and host, agree to hold a meeting over the Internet. The 
host has, at his disposal, a computer system called the Control Lab Room System, 
and is prepared to host the meeting on this computer. On the telephone, the host 
and the visitor agree on the name and password for a visitor's badge which will then 
be created. The host sits by the control panel of the Control Lab Room System and 
creates this visitor's badge, and at this stage connects certain privileges to the 
badge. For example, the visitor will be allowed, on showing his/her badge, the right 
to use the MS-Netmeeting software available on the application computer. The 
visitor's badge is lodged on the webserver which belongs to the system. The visitor 
then draws and activates the badge via a special website, the reception. The name 
and password to get access to the badge are those which the host and the visitor 
have agreed on the telephone. The host will see when the badge has been 
activated, via the control panel and, if the host gives a receipt for the activation, the 
conference will commence. The visitor's badge has control codes which enable the 
visitor to request access to a range of functions available on the application 
computer, e.g. video, or a protected webserver. The host and the visitor start by 
using MS-Netmeeting. Since the host created the visitor's badge with rights for this 
equipment, it will start without any fresh intervention via the control panel. 

After a while, however, the visitor wants to establish a connection with a 
video camera which shows the host's conference room. Before he/she has 
requested permission to do this, he/she starts his/her video client. When this 
happens, the control panel displays an alarm message, which shows that a visitor 
is trying to use a function for which the visitor has not been granted access rights. 
The host now asks the visitor, via the telephone link, if the attempt emanated from 
the visitor and, on receipt of a positive response, allocates, via a simple button 
press, the visitor with the right to establish the connection. 

Now, suppose a hacker, called Charlie, tries to get access to the same video 
channel. Earlier in the week Charlie had intercepted IP-traffic which contained a 
visitor's badge. However, when he tried to use the badge, the host immediately 
identified the badge as time expired, and immediately excluded him from the 
conference. This time Charlie tries to steal the visitor's video flow. He is stopped 
once again, this time because the control server of the Control Lab Room System 
does not succeed in communicating with the visitor's badge which all authorized 
visitors must have. This causes a new alarm to be given. If the visitor, via the 
telephone, does not affirm that he has just opened a new client session, and the 
host is not satisfied that this second session also belongs to the visitor, the host 
refuses connection. Furthermore, the host will ignore all inquiries from that source 
for the remainder of the conference. The rest of the conference turns out well and, 
at the end of the conference, the host withdraws the visitor's badge by means of the 
control server, via its channel to the badge, issuing an instruction to the badge to 
self destruct. 

In slightly more technical detail the course of events can be explained as 
follows. 

The firewall informs the control server of an attempt to establish a 
connection which, based on pre-existing rules, the status of the visitor's badge and 
user control from the control panel, accepts, or denies, the connection, by creating 
a rule for the firewall to follow for this and similar connection attempts. 

The visitor's badge is the critical point. Because it is an applet, it must be 
shown in a web browser on the visitor's screen in order to execute. If it is clicked 
away, it stops executing, and with that ceases to be valid. The source code of the 
visitor's badge includes the visitor's identity, together with the time period(s) for 
which it is valid. It must show this information to make the control server accept a 
connection from it and, implicitly, from the location from which a person attempts to 
access the application computer. 

The control server is the hub of the system. The control server creates the 
visitor's badge in accordance with instructions received from the control panel and 
places the visitor's badge on the webserver as described above. When the badge 
has been drawn from the webserver, it establishes contact with the control server. 
If the badge is still active, all manipulations the host performs with the badge on the 
control panel are reflected on the badge at the visitor's computer, and vice versa. 
The control server also controls the firewall, which provides the security for the 
conference. 

The firewall has a number of rules to follow, like all firewalls. The difference 
here is that the host can dynamically change these rules, based on: 

judgment of the telephone part of the conference; and 

the guarantee the visitor's badge gives about the identity of the 
person operating the computer connected through, or seeking 
connection through, the firewall. 

The control panel gives the host a view of the whole system. All badges 
which have been distributed can be seen here, together with the functions that are 
active. All events which the host can influence in the system are shown on the 
control panel via the same interface as the visitor has, i.e. the badge. 
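The decision loop described in this section (the firewall reports an attempt, the control server judges it against the badge's validity period and rights, an alarm on the control panel is resolved by the host's voice check, and the badge is withdrawn at the end of the conference) can be sketched as a small simulation. This is an added illustration and not the applicant's code; the class and method names, the clock values, the badge identifier and the source labels are constructed for the example, and the scenario with the intercepted badge is modelled only as denied attempts from an unknown source.

```python
from dataclasses import dataclass, field

@dataclass
class Badge:
    visitor: str
    password: str
    rights: set[str]        # applications the host pre-authorised
    valid_from: int         # validity window, constructed clock values (seconds)
    valid_to: int

@dataclass
class ControlServer:
    badges: dict[str, Badge] = field(default_factory=dict)
    firewall_rules: dict[tuple[str, str], bool] = field(default_factory=dict)
    alarms: list[tuple[str, str, str]] = field(default_factory=list)
    blocked_sources: set[str] = field(default_factory=set)

    def issue_badge(self, badge_id, visitor, password, rights, valid_from, valid_to):
        # host actuates the control panel; the badge is deposited on the webserver
        self.badges[badge_id] = Badge(visitor, password, set(rights), valid_from, valid_to)

    def collect_badge(self, badge_id: str, password: str):
        # the password protection unit in front of the webserver
        badge = self.badges.get(badge_id)
        return badge if badge is not None and badge.password == password else None

    def connection_attempt(self, source: str, badge_id: str, app: str, now: int) -> str:
        # the firewall reports the attempt; decide, then record a rule or an alarm
        if source in self.blocked_sources:
            return "denied"
        badge = self.badges.get(badge_id)
        if badge is None or not (badge.valid_from <= now <= badge.valid_to):
            # no badge at all, or a time-expired (e.g. replayed) one: alarm and deny
            self.alarms.append(("no-valid-badge", source, app))
            return "denied"
        if app in badge.rights:
            self.firewall_rules[(badge.visitor, app)] = True
            return "allowed"
        # not pre-authorised: alarm on the control panel, wait for the host's voice check
        self.alarms.append(("not-authorised", source, app))
        return "pending"

    def host_grant(self, badge_id: str, app: str) -> None:
        # host confirmed by telephone and pressed the button on the control panel
        badge = self.badges[badge_id]
        badge.rights.add(app)
        self.firewall_rules[(badge.visitor, app)] = True

    def host_refuse(self, source: str) -> None:
        # host not satisfied: ignore this source for the rest of the conference
        self.blocked_sources.add(source)

    def self_destruct(self, badge_id: str) -> None:
        # end of conference: withdraw the badge and every firewall rule created for it
        badge = self.badges.pop(badge_id)
        for key in [k for k in self.firewall_rules if k[0] == badge.visitor]:
            del self.firewall_rules[key]

def run_scenario() -> dict[str, str]:
    """Replays the meeting scenario from the description with constructed values."""
    cs = ControlServer()
    cs.issue_badge("b1", "alice", "agreed-pw", {"netmeeting"}, 100, 200)
    out = {"wrong_pw": "denied" if cs.collect_badge("b1", "guess") is None else "allowed"}
    out["netmeeting"] = cs.connection_attempt("visitor-host", "b1", "netmeeting", 110)
    out["video_first"] = cs.connection_attempt("visitor-host", "b1", "video", 120)
    cs.host_grant("b1", "video")               # visitor confirmed the request by phone
    out["video_after"] = cs.connection_attempt("visitor-host", "b1", "video", 121)
    out["replayed"] = cs.connection_attempt("other-host", "b1", "video", 250)  # expired
    out["no_badge"] = cs.connection_attempt("other-host", "", "video", 130)
    cs.host_refuse("other-host")
    out["ignored"] = cs.connection_attempt("other-host", "b1", "netmeeting", 131)
    cs.self_destruct("b1")
    out["after_destruct"] = cs.connection_attempt("visitor-host", "b1", "netmeeting", 140)
    return out
```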

CLAIMS 

1. A telecommunications system adapted to act as a platform for electronic 
meetings, comprising a visitor's computer, an administration computer, an 
application computer, a firewall protecting said application computer and a 
transmission path over the Internet, characterised in that communications between 
said visitor's computer and said application computer are mediated by an electronic 
badge generated by said administration computer and operating on said visitor's 
computer. 

2. A telecommunications system, as claimed in claim 1, characterised in that 
said administration computer and application computer are realised on a single data 
processing machine. 

3. A telecommunications system, as claimed in claim 1, characterised in that 
said administration computer and application computer are distinct data processing 
machines, and in that communications between said visitor's computer and said 
application computer are controlled by a firewall located in said administration 
computer. 

4. A telecommunications system, as claimed in any previous claim, 
characterised in that said administration computer is protected by a firewall. 

5. A telecommunications system, as claimed in any previous claim, 
characterised in that said electronic badge is an applet containing data identifying 
a visitor, a password, and a list of access rights relating to software applications 
running on said application computer. 

6. A telecommunications system as claimed in claim 5, characterised in that 
said list of access rights may permit access to one, or more, software applications. 

7. A telecommunications system, as claimed in either claim 5, or 6, 
characterised in that said applet is adapted to run on said visitor's computer and 
cause one, or more, icons to be displayed on a VDU associated with said visitor's 
computer. 

8. A telecommunications system, as claimed in any previous claim, 
characterised in that said administration computer includes a control panel linked 
to a web server adapted to issue electronic badges. 

9. A telecommunications system, as claimed in claim 8, characterised in that 
said administration computer includes a control server linked to said control panel 
and said web server, and a database of access rules linked to said control server. 

10. A telecommunications system, as claimed in claim 9, characterised in that 
said control server is linked to a firewall protecting said application computer, and 
in that said database of access rules is linked to said firewall protecting said 
application computer. 

11. A telecommunications system, as claimed in claim 10, characterised in that 
access to said webserver is controlled by a password protection means. 

12. A telecommunications system, as claimed in any of claims 8 to 11, 
characterised in that an electronic visitor's badge can be created from said control 
panel and deposited for collection on said webserver. 

13. A telecommunications system, as claimed in any of claims 8 to 12, 
characterised in that said visitor's computer can download said electronic visitor's 
badge by accessing said web server and giving a password and visitor 
identification. 

14. A telecommunications system, as claimed in any of claims 8 to 13, 
characterised in that access rights associated with said visitor's badge can be 
altered while said visitor computer is connected to said application computer. 

15. A telecommunications system, as claimed in any of claims 8 to 14, 
characterised in that said visitor's badge is adapted to self destruct on receipt of a 
signal from said control server. 

16. A method of establishing access for a visitor's computer to an application 
computer protected by a firewall generated by an administration computer, over the 
Internet, characterised by mediating communications between said visitor's 
computer and said application computer with an electronic badge generated on said 
administration computer and operating on said visitor's computer. 

17. A method, as claimed in claim 16, characterised by realising said 
administration computer and said application computer on a single data processing 
machine. 

18. A method, as claimed in claim 16, characterised by realising said 
administration computer and application computer as distinct data processing 
machines, and by controlling communications between said visitor's computer and 
said application computer through a firewall located in said administration computer. 

19. A method, as claimed in any of claims 16 to 19, characterised by protecting 
said administration computer with a firewall. 

20. A method, as claimed in any of claims 16 to 19, characterised by said 
electronic badge being an applet containing data identifying a visitor, a password, 
and a list of access rights relating to software applications running on said 
application computer. 

21. A method, as claimed in claim 20, characterised by said list of access rights 
permitting access to one, or more, software applications. 

22. A method, as claimed in either claim 20, or 21, characterised by said applet 
running on said visitor's computer and causing one, or more, icons to be displayed 
on a VDU associated with said visitor's computer. 

23. A method, as claimed in any of claims 16 to 22, characterised by said 
administration computer including a control panel linked to a web server adapted 
to issue electronic badges. 

24. A method, as claimed in claim 23, characterised by the steps of: 


establishing a voice link over the PSTN between a person operating 
said visitor's computer, herein referred to as a visitor, and a person 
operating said administration computer, herein referred to as a host; 

said host establishing that said visitor has clearance to access said 
application computer, and 

assigning and communicating a password to said visitor over said 
voice link. 


25. A method, as claimed in either claim 23, or 24, characterised by said 
administration computer including a control server linked to said control panel and 
said web server, and a database of access rules linked to said control server. 

26. A method, as claimed in claim 25, characterised by said control server being 
linked to a firewall protecting said application computer, and by said database of 
access rules being linked to said firewall protecting said application computer. 

27. A method, as claimed in claim 26, characterised by controlling access to 
said webserver with a password protection means. 

28. A method, as claimed in any of claims 24 to 27, characterised by said host 
creating an electronic visitor's badge by actuation of said control panel and 
depositing said electronic visitor's badge, for collection by said visitor, on said 
webserver. 


29. A method, as claimed in any of claims 24 to 28, characterised by said visitor 
accessing said webserver over the Internet, giving said password, and downloading 
said electronic visitor's badge. 

30. A method, as claimed in any of claims 24 to 29, characterised by the steps 
of: 

said visitor requesting access, while connected to said application 
computer, to a first software application, not pre-authorised on said 
electronic visitor's badge; 

said control panel giving an alarm condition; 

said host confirming over said voice link that said visitor has 
requested access to said first software application; and 

modifying the access rights associated with said electronic visitor's 
badge via said control panel. 

31. A method, as claimed in any of claims 24 to 30, characterised by said 
visitor's badge self destructing on receipt of a signal from said control server. 

32. An administration computer, for use with a telecommunications system 
adapted to act as a platform for electronic meetings, said administration computer 
having a firewall protecting an application computer, characterised in that said 
administration computer is adapted to create an electronic badge to mediate 
communications between a visitor's computer and said application computer. 

33. An administration computer, as claimed in claim 32, characterised in that 
said administration computer and application computer are realised on a single data 
processing machine. 

34. An administration computer, as claimed in claim 32, characterised in that 
said administration computer and application computer are distinct data processing 
machines. 
35. An administration computer, as claimed in any of claims 32 to 34, 
characterised in that said administration computer is protected by a firewall. 

36. An administration computer, as claimed in any of claims 32 to 34, 
characterised in that said electronic badge is an applet containing data identifying 
a visitor, a password, and a list of access rights relating to software applications 
running on said application computer. 

37. An administration computer as claimed in claim 36, characterised in that 
said list of access rights may permit access to one, or more, software applications. 

38. An administration computer, as claimed in either claim 36, or 37, 
characterised in that said applet is adapted to run on said visitor's computer and 
cause one, or more, icons to be displayed on a VDU associated with said visitor's 
computer. 

39. An administration computer, as claimed in any of claims 32 to 38, 
characterised in that said administration computer includes a control panel linked 
to a web server adapted to issue electronic badges. 

40. An administration computer, as claimed in claim 39, characterised in that 
said administration computer includes a control server linked to said control panel 
and said web server, and a database of access rules linked to said control server. 

41. An administration computer, as claimed in claim 40, characterised in that 
said control server is linked to a firewall protecting said application computer, and 
in that said database of access rules is linked to said firewall protecting said 
application computer. 

42. An administration computer, as claimed in claim 41, characterised in that 
access to said webserver is controlled by a password protection means. 

43. An administration computer, as claimed in any of claims 36 to 42, 
characterised in that an electronic visitor's badge can be created from said control 
panel and deposited for collection on said webserver. 

44. An administration computer, as claimed in any of claims 36 to 42, 
characterised in that access rights associated with said visitor's badge can be 
altered while a visitor computer is connected to said application computer. 